package org.oak.configuration;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

/**
 * org.oak.configuration.CorsConfig
 *
 * @author ZRS
 * @version V1.0
 * @since 2025/10/30 18:51
 */
@Configuration
public class CorsConfig {

    @Bean
    public CorsFilter corsFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration();

        // 设置允许的源
        config.addAllowedOrigin("*");
        // 设置允许的HTTP方法
        config.addAllowedMethod("*");
        // 设置允许的请求头
        config.addAllowedHeader("*");
        // 设置允许携带凭证
        config.setAllowCredentials(true);
        // 设置暴露的响应头
        config.addExposedHeader("Authorization");

        // 设置预检请求结果缓存时间
        config.setMaxAge(3600L);

        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }
}